With just one vendor to call and one bill to pay, Charlie Schluting argues that managing a WLAN with central controllers is the way to go, and explains how that works with Cisco gear.

Standalone wireless access points are a burden to manage. Cisco has a wide suite of centralized wireless
controllers available to centralize and manage your thousands of access points as one. In this article, we
examine how WLAN management looks in the world of centralized control with Cisco controllers.

Related Articles

In the absence of WLAN controllers, configuring a new access point requires a few steps. First, you remove it
from the box and connect it to your laptop's serial port. Next you login and paste in your standard
configuration and set the IP, after allocating an IP address and creating the DNS and DHCP entries. Next, you
decide where to plug it in and configure a switch port to connect the access point to. Finally, you can deploy
the access point.

With centralized management, the only required step is the physical deployment. The access point will need to
connect to a trunk port on your switch if you run more than one wireless network and wish for it to land on a
specific virtual LAN (VLAN) once it hits the wire. Even without a special VLAN configuration, you will need to place the
access point in the right VLAN to get DHCP and the next-server address of the wireless controller, where it
fetches its configuration from. The port configurations can be done ahead of time, and pushed out to many
switches at once; or they can even be automated. Suffice it to say, deploying new access points in this manner
is most enjoyable.

It may seem a marginal benefit to save 20 minutes of configuration time to configure new access points,
especially to smaller businesses. Larger infrastructures may have 100, 1,000, or even 10,000 access points to
deploy and manage. With thousands of access points, it simply isn't possible to configure, let alone manage,
such a large wireless network.

Not only do centralized wireless controllers ease the burden of deploying new access points, but they also
greatly simplify the day to day management of them.

Features

Aside from automated deployment, which, truth be told, is available to some extent with third party
management tools, centralized wireless controllers are also able to implement some neat tricks.

Management, as was briefly touched on, is done from a single point. Not only is logging in to the thin-client
access points impossible, it is unnecessary. Controllers allow the administrator to create groups for many
purposes: geographical, security, and features. To deploy a change to the wireless configuration of an entire
building, for example adding an SSID, simply apply that change to the group.

Wireless controllers are able to implement tricks unavailable in a standard decentralized wireless network.
RF management, for example, allows the controller to detect radio interference and work around it by
automatically boosting the power of nearby access points. Voice over Wi-Fi with proper QoS and location
services allows for reliable and robust deployment of VoIP services.

Location tracking is useful for more than emergency services. User mobility when roaming between access
points with potentially different networks, even with the ability to track and manage security policy updates,
is possible with these controllers. The controllers also implement IPS and IDS features, and can use the
location services to pinpoint the exact location of an evildoer. Defining security groups and configuring
authentication protocols without having to manually configure an access point is also another time saver.

Ultimately, a whole slew of features is available when a centralized controller is calling the shots. Perhaps
the most beneficial features--because let's face it, most people could at least partially automate the
centralized configuration duties--is RF control. The capability to knock rogue access points off the air and
work around obstructions and interference is nothing short of amazing. There is no longer any need to physically
move about access points due to spotty coverage, nor to run about frantically trying to locate an unauthorized
device somewhere within a quarter mile.

Implementation

To implement a central wireless controller, you first need to find one. There are two Cisco options:
standalone and modules. Both types have the same software, and therefore the same feature set, so the decision
comes down to which you'd prefer. You will likely want two, since the drawback to centralized control is
that all wireless traffic will flow through the central point, making the controller a single point of failure.
The controllers have high availability features, which will allow one unit to take over if the first becomes
unavailable.

The 2100, 4400, and 5500 series devices are standalone controller units. Integrated controllers and
controller modules are available for many Cisco routers. Modules in the 6500 series are called the WiSM (Wireless Services Module), and the integrated controller stacks with other 3750 devices. Finally, the integrated service module is available for a number of Cisco routers (but not the 2600 series). The service modules often come with a limited feature set, as many of the devices they are available for are targeted at SMBs. Just pay attention to how many simultaneous clients and access points each will allow.

To get started implementing a controller-backed wireless network, you must first consider what to do with
existing access points. You can re-flash your existing Cisco Aironet 1200 series access points to be thin
clients, but since the thin access points are less expensive, this is often difficult to justify. Deploy a test
network, sell them on eBay, or re-flash them; in the end, you need thin access points running the firmware the
controllers expect to take advantage of all the features. Afterward, you simply need to configure the
controllers and VLANs, and start deploying hundreds or thousands of access points.

Managing a heterogeneous wireless network with central controllers, provided by the same vendor, is
absolutely the easiest way to deploy a scalable WLAN infrastructure. The cost of developing your own scripts or
buying third party management software far outweighs the cost of the access point controllers. Even ignoring the
added functionality you get with WLAN controllers, it makes sense to stick with one vendor: one vendor to call,
one bill to pay, and a higher probability of 100 percent reliability.

Please enable Javascript in your browser, before you post the comment! Now Javascript is disabled.